Microsoft’s August patch Tuesday fixes 107 security flaws

<p>Microsoft’s latest Patch Tuesday just dropped&comma; and it’s a big one&comma; with 107 security flaws fixed across Windows&comma; Office&comma; and other software&period; A few are marked as critical&comma; but the company says none are being actively exploited at the moment&period; Even so&comma; some of these issues are serious enough that you’ll want to update quickly&period;<&sol;p>&NewLine;<p><img class&equals;"alignnone size-full wp-image-2771" src&equals;"https&colon;&sol;&sol;www&period;wincert&period;net&sol;wp-content&sol;uploads&sol;2018&sol;10&sol;windows&lowbar;update&period;jpg" alt&equals;"version 1809&semi; KB4482887&semi; startup issues&semi; Windows 10 1903" width&equals;"640" height&equals;"436" &sol;><&sol;p>&NewLine;<p>Most of the patches&comma; that&&num;8217&semi;s 67 in total&comma; are for Windows 10&comma; Windows 11&comma; and Windows Server operating systems&period; If you’re still using Windows 7 or 8&period;1&comma; you haven’t been getting updates for a while&comma; which means those systems are wide open to attacks&period; The only real way to get protection now is to upgrade to Windows 11 24H2&period;<&sol;p>&NewLine;<p>Two of this month’s most urgent fixes deal with Windows’ graphics systems&period; One bug could let someone take over your system just by getting you to visit a malicious website&comma; while another could do the same through a booby-trapped image&period; Both require no clicks and no interaction&comma; meaning that just loading the page is enough&period;<&sol;p>&NewLine;<p>Microsoft also patched three dangerous flaws in Hyper-V&period; One allows code to escape from a virtual machine into the host&comma; another leaks private data&comma; and the third lets a VM pretend to be something it’s not&period; The Routing and Remote Access Service had a dozen vulnerabilities fixed&comma; split between data leaks and code execution&comma; all considered high risk&period;<&sol;p>&NewLine;<p>On the server side&comma; a Kerberos bug in Windows Server 2025 has been addressed&period; While Microsoft rated it as medium risk&comma; under the right conditions&comma; it could give attackers full domain admin access&period;<&sol;p>&NewLine;<p>Office package wasn’t spared either&comma; with 18 vulnerabilities fixed&comma; most of which were pretty serious&period; Four are especially dangerous because they can be triggered just by previewing a file&comma; and two of those affect Word&period;<&sol;p>&NewLine;<p>Even the Edge browser got some attention&comma; with an August 7th update bringing in fresh security fixes from the Chromium project&period;<&sol;p>&NewLine;